Perl 5.001perl-5.001

[See the Changes file for a list of changes]
author: Larry Wall <lwall@netlabs.com> 1995-03-12 22:32:14 -0800
committer: Larry Wall <lwall@netlabs.com> 1995-03-12 22:32:14 -0800
commit: 748a93069b3d16374a9859d1456065dd3ae11394 (patch)
tree: 308ca14de9933a313dceacce8be77db67d9368c7 /taint.c
parent: fec02dd38faf8f83471b031857d89cb76fea1ca0 (diff)
download: perl-748a93069b3d16374a9859d1456065dd3ae11394.tar.gz
1 files changed, 8 insertions, 4 deletions
diff --git a/taint.c b/taint.c
index f2e1a53fd7..6c64b39fc7 100644
--- a/taint.c
+++ b/taint.c
@@ -50,16 +50,20 @@ taint_env()
     if (tainting) {
 	MAGIC *mg = 0;
 	svp = hv_fetch(GvHVn(envgv),"PATH",4,FALSE);
-	if (!svp || *svp == &sv_undef || (mg = mg_find(*svp, 't'))) {
-	    tainted = 1;
+	if (!svp || *svp == &sv_undef ||
+	  ((mg = mg_find(*svp, 't')) && mg->mg_len & 1))
+	{
+	    tainted = TRUE;
 	    if (mg && MgTAINTEDDIR(mg))
 		taint_proper("Insecure directory in %s%s", "$ENV{PATH}");
 	    else
 		taint_proper("Insecure %s%s", "$ENV{PATH}");
 	}
 	svp = hv_fetch(GvHVn(envgv),"IFS",3,FALSE);
-	if (svp && *svp != &sv_undef && mg_find(*svp, 't')) {
-	    tainted = 1;
+	if (svp && *svp != &sv_undef &&
+	  (mg = mg_find(*svp, 't')) && mg->mg_len & 1)
+	{
+	    tainted = TRUE;
 	    taint_proper("Insecure %s%s", "$ENV{IFS}");
 	}
     }
author	Larry Wall <lwall@netlabs.com>	1995-03-12 22:32:14 -0800
committer	Larry Wall <lwall@netlabs.com>	1995-03-12 22:32:14 -0800
commit	748a93069b3d16374a9859d1456065dd3ae11394 (patch)
tree	308ca14de9933a313dceacce8be77db67d9368c7 /taint.c
parent	fec02dd38faf8f83471b031857d89cb76fea1ca0 (diff)
download	perl-748a93069b3d16374a9859d1456065dd3ae11394.tar.gz